rumsfeldfoundation.org
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Ads
-
- Meta Pixel
Third-party hosts loaded (4)
- connect.facebook.net×1
- maxcdn.bootstrapcdn.com×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
- Address
- St NW Suite 402 Washington, D.C. 20036
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2007-07-10
- Expires
- 2026-07-10 52 days left
- Updated
- 2024-08-24
- Name servers
-
- ns57.domaincontrol.com
- ns58.domaincontrol.com
DNS records live
- NS
-
- ns57.domaincontrol.com
- ns58.domaincontrol.com
- MX
-
- 0 rumsfeldfoundation-org.mail.protection.outlook.com
- TXT
-
stripe-verification=b7994fe4ff1f1616cd097054ce9a017ef8fb55fb3a7ffdca72dffea9130cbe9f
Email authentication partial
- SPF
-
v=spf1 include:spf.em.secureserver.net include:eresources.ws include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:receipts@rumsfeldfoundation.orgpolicy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
R13
Expires in 37 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
no-referrer,no-referrer-when-downgrade,origin,origin-when-cross-origin,same-origin,strict-origin,strict-origin-when-cross-origin,unsafe-url, strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
font-src 'self' https://*.bootstrapcdn.com https://fonts.gstatic.com data:; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://code.jquery.com/ https://www.googletagmanager.com https://*.webspellchecker.net https://www.google-analytics.com https://www.rumsfeldfoundation.org https://*.googleapis.com/ https://*.google-analytics.com/ https://*.gstatic.com https://*.firebase.com/ https://*.google.com/ https://*.bootstrapcdn.com https://*.facebook.net https://*.linkedin.com https://*.twitter.com; style-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://*.webspellchecker.net https://www.google-analytics.com https://www.rumsfeldfoundation.org https://*.googleapis.com/ https://cdn.firebase.com/ https://*.bootstrapcdn.com https://*.facebook.net https://*.google.com https://*.linkedin.com https://*.twitter.com; object-src 'self'; frame-ancestors 'self' https://www.rumsfeldfoundation.org https://*.webspellchecker.net https://*.googleapis.com/ https://*.google-analytics.com- strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains